diff --git a/docs/.cvsignore b/docs/.cvsignore
new file mode 100644
index 00000000..2ec816f3
--- /dev/null
+++ b/docs/.cvsignore
@@ -0,0 +1,2 @@
+html
+latex
diff --git a/src/libopensc/Makefile.am b/src/libopensc/Makefile.am
index 19f8aec4..3cb42348 100644
--- a/src/libopensc/Makefile.am
+++ b/src/libopensc/Makefile.am
@@ -21,7 +21,7 @@ libopensc_la_SOURCES = asn1.c base64.c sec.c log.c sc.c card.c iso7816.c \
 dir.c pkcs15.c pkcs15-cert.c pkcs15-pin.c \
 pkcs15-prkey.c pkcs15-sec.c pkcs15-cache.c \
 $(PCSC_SRC) \
- card-setec.c card-miocos.c card-flex.c card-gpk.c \
+ card-setcos.c card-miocos.c card-flex.c card-gpk.c \
 card-tcos.c card-emv.c card-default.c
 libopensc_la_LDFLAGS = -version-info 0:6:0
 libopensc_la_LIBADD = $(PCSC_LIB) $(SSL_LIB)
diff --git a/src/libopensc/card-setcos.c b/src/libopensc/card-setcos.c
index edaa7f95..a5ad0b57 100644
--- a/src/libopensc/card-setcos.c
+++ b/src/libopensc/card-setcos.c
@@ -1,5 +1,5 @@
 /*
- * card-setec.c: Support for PKI cards by Setec
+ * card-setcos.c: Support for PKI cards by Setec
 *
 * Copyright (C) 2001 Juha Yrjölä
 *
@@ -21,7 +21,7 @@
 #include "sc-internal.h"
 #include "sc-log.h"
-static const char *setec_atrs[] = {
+static const char *setcos_atrs[] = {
 /* the current FINEID card has this ATR: */
 "3B:9F:94:40:1E:00:67:11:43:46:49:53:45:10:52:66:FF:81:90:00",
 /* this is from a Nokia branded SC */
@@ -31,26 +31,26 @@ static const char *setec_atrs[] = {
 NULL
 };
-static struct sc_card_operations setec_ops;
-static const struct sc_card_driver setec_drv = {
+static struct sc_card_operations setcos_ops;
+static const struct sc_card_driver setcos_drv = {
 "Setec smartcards",
- "setec",
- &setec_ops
+ "setcos",
+ &setcos_ops
 };
-static int setec_finish(struct sc_card *card)
+static int setcos_finish(struct sc_card *card)
 {
 return 0;
 }
-static int setec_match_card(struct sc_card *card)
+static int setcos_match_card(struct sc_card *card)
 {
 int i, match = -1;
- for (i = 0; setec_atrs[i] != NULL; i++) {
+ for (i = 0; setcos_atrs[i] != NULL; i++) {
 u8 defatr[SC_MAX_ATR_SIZE];
 size_t len = sizeof(defatr);
- const char *atrp = setec_atrs[i];
+ const char *atrp = setcos_atrs[i];
 if (sc_hex_to_bin(atrp, defatr, &len))
 continue;
@@ -67,7 +67,7 @@ static int setec_match_card(struct sc_card *card)
 return 1;
 }
-static int setec_init(struct sc_card *card)
+static int setcos_init(struct sc_card *card)
 {
 card->drv_data = NULL;
 card->cla = 0x00;
@@ -102,7 +102,7 @@ static u8 acl_to_byte(const struct sc_acl_entry *e)
 return 0x00;
 }
-static int setec_create_file(struct sc_card *card, struct sc_file *file)
+static int setcos_create_file(struct sc_card *card, struct sc_file *file)
 {
 if (file->prop_attr_len == 0) {
 memcpy(file->prop_attr, "\x03\x00\x00", 3);
@@ -139,7 +139,7 @@ static int setec_create_file(struct sc_card *card, struct sc_file *file)
 return iso_ops->create_file(card, file);
 }
-static int setec_set_security_env(struct sc_card *card,
+static int setcos_set_security_env(struct sc_card *card,
 const struct sc_security_env *env, int se_num)
 {
@@ -221,7 +221,7 @@ static void parse_sec_attr(struct sc_file *file, const u8 *buf, size_t len)
 add_acl_entry(file, idx[i], buf[i]);
 }
-static int setec_select_file(struct sc_card *card,
+static int setcos_select_file(struct sc_card *card,
 const struct sc_path *in_path, struct sc_file **file)
 {
@@ -235,7 +235,7 @@ static int setec_select_file(struct sc_card *card,
 return 0;
 }
-static int setec_list_files(struct sc_card *card, u8 *buf, size_t buflen)
+static int setcos_list_files(struct sc_card *card, u8 *buf, size_t buflen)
 {
 struct sc_apdu apdu;
 int r;
@@ -255,22 +255,22 @@ static const struct sc_card_driver * sc_get_driver(void)
 {
 const struct sc_card_driver *iso_drv = sc_get_iso7816_driver();
- setec_ops = *iso_drv->ops;
- setec_ops.match_card = setec_match_card;
- setec_ops.init = setec_init;
- setec_ops.finish = setec_finish;
+ setcos_ops = *iso_drv->ops;
+ setcos_ops.match_card = setcos_match_card;
+ setcos_ops.init = setcos_init;
+ setcos_ops.finish = setcos_finish;
 if (iso_ops == NULL)
 iso_ops = iso_drv->ops;
- setec_ops.create_file = setec_create_file;
- setec_ops.set_security_env = setec_set_security_env;
- setec_ops.select_file = setec_select_file;
- setec_ops.list_files = setec_list_files;
+ setcos_ops.create_file = setcos_create_file;
+ setcos_ops.set_security_env = setcos_set_security_env;
+ setcos_ops.select_file = setcos_select_file;
+ setcos_ops.list_files = setcos_list_files;
- return &setec_drv;
+ return &setcos_drv;
 }
 #if 1
-const struct sc_card_driver * sc_get_setec_driver(void)
+const struct sc_card_driver * sc_get_setcos_driver(void)
 {
 return sc_get_driver();
 }
diff --git a/src/libopensc/card-tcos.c b/src/libopensc/card-tcos.c
index 24ff7318..b0501867 100644
--- a/src/libopensc/card-tcos.c
+++ b/src/libopensc/card-tcos.c
@@ -1,5 +1,5 @@
 /*
- * card-setec.c: Support for TCOS 2.0 cards
+ * card-tcos.c: Support for TCOS 2.0 cards
 *
 * Copyright (C) 2001 Juha Yrjölä
 *
diff --git a/src/libopensc/opensc.h b/src/libopensc/opensc.h
index cb056422..f9133a11 100644
--- a/src/libopensc/opensc.h
+++ b/src/libopensc/opensc.h
@@ -695,7 +695,7 @@ extern const struct sc_reader_driver *sc_get_pcsc_driver(void);
 extern const struct sc_card_driver *sc_get_iso7816_driver(void);
 extern const struct sc_card_driver *sc_get_emv_driver(void);
-extern const struct sc_card_driver *sc_get_setec_driver(void);
+extern const struct sc_card_driver *sc_get_setcos_driver(void);
 extern const struct sc_card_driver *sc_get_miocos_driver(void);
 extern const struct sc_card_driver *sc_get_flex_driver(void);
 extern const struct sc_card_driver *sc_get_gpk_driver(void);
diff --git a/src/libopensc/sc.c b/src/libopensc/sc.c
index 387deb84..2c4f5c84 100644
--- a/src/libopensc/sc.c
+++ b/src/libopensc/sc.c
@@ -173,7 +173,7 @@ int sc_establish_context(struct sc_context **ctx_out)
 ctx->card_drivers[i] = NULL;
 i = 0;
 #if 1
- ctx->card_drivers[i++] = sc_get_setec_driver();
+ ctx->card_drivers[i++] = sc_get_setcos_driver();
 #endif
 #if 1
 ctx->card_drivers[i++] = sc_get_miocos_driver();
diff --git a/src/tools/miocos-rw.profile b/src/tools/miocos-rw.profile
new file mode 100644
index 00000000..f0ef090b
--- /dev/null
+++ b/src/tools/miocos-rw.profile
@@ -0,0 +1,97 @@
+#
+# PKCS 15 r/w profile for GPK cards
+#
+CardInfo
+ Label "OpenSC Card"
+ Manufacturer "OpenSC Project"
+ MinPinLength 0
+ MaxPinLength 8
+ #PinEncoding
+
+ # This is the secure messaging key required for
+ # creating files in the MF
+ #Key PRO 0x0001 "=TEST KEYTEST KEY"
+
+# This is the application DF
+DF
+ Path 3F005015
+ AID A0:00:00:00:63:50:4B:43:53:2D:31:35
+ ACL *=NONE
+
+EF pinfile
+ Path 3F0050150000
+ Structure 0x21 # GPK specific
+ RecordLength 8
+ Size 32
+ ACL *=NEVER
+
+EF PKCS15-DIR
+ Path 3F002F00
+ ACL *=NONE
+
+EF PKCS15-ODF
+ Path 3F0050155031
+ ACL *=NONE
+
+EF PKCS15-TokenInfo
+ Path 3F0050155032
+ ACL *=NONE
+
+EF PKCS15-AODF
+ Path 3F0050154401
+ ACL *=NEVER READ=NONE UPDATE=CHV2
+
+EF PKCS15-PrKDF
+ Path 3F0050154402
+ ACL *=NEVER READ=NONE UPDATE=CHV2
+
+EF PKCS15-CDF
+ Path 3F0050154403
+ ACL *=NEVER READ=NONE UPDATE=CHV2
+
+# Private key files.
+# GPK private key files will never let you read the private key
+# part, so it's okay to set READ=NONE. What's more, we need
+# read access so we're able to update the file.
+EF pk1
+ Path 3F005015000E
+ Structure 0x2C # GPK specific
+ ACL *=NEVER READ=NEVER UPDATE=CHV2 WRITE=CHV2
+
+EF pk2
+ Path 3F005015000F
+ Structure 0x2C # GPK specific
+ ACL *=NEVER READ=NEVER UPDATE=CHV2 WRITE=CHV2
+
+# CVH1. 7 attempts for the PIN, and 3 for the PUK
+# Reference 0x8 means "PIN0 in the local EFsc" in GPK parlance
+PIN CHV1
+ File pinfile
+ Label "Authentication PIN"
+ Reference 0x8
+ Attempts 7 3
+ AuthID 01
+
+# CVH2. 7 attempts for the PIN, and 3 for the PUK
+# Reference 0xA means "PIN2 in the local EFsc" in GPK parlance
+PIN CHV2
+ File pinfile
+ Label "Non-repudiation PIN"
+ Reference 0xA
+ Attempts 7 3
+ Offset 16
+ AuthID 02
+
+PrivateKey AuthKey
+ Label "Authentication Key"
+ File pk1
+ ID 45
+ AuthID 01 # Requires CHV1
+ KeyUsage sign
+
+PrivateKey SignKey
+ Label "Non-repudiation Key"
+ File pk2
+ ID 46
+ AuthID 02 # Requires CHV2
+ KeyUsage NonRepudiation
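Review bot: The header comment `# PKCS 15 r/w profile for GPK cards` contradicts the file name miocos-rw.profile, and the `Structure 0x21 # GPK specific` / `Structure 0x2C # GPK specific` entries plus the "in GPK parlance" PIN reference comments suggest the profile was copied from the GPK profile without being adapted, so a reader cannot tell which values have actually been checked against a MioCOS card. The comment above `EF pk1` also states `so it's okay to set READ=NONE` while both private key files set `READ=NEVER`; the access rule is the stricter and preferable one for private key files, so the comment is what should change, e.g. `# part; the key files are therefore marked READ=NEVER.`. I would also replace the first line with `# PKCS 15 r/w profile for MioCOS cards (derived from the GPK profile; card-specific values still to be verified)` so the provenance is visible at the top.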
diff --git a/src/tools/pkcs15-miocos.c b/src/tools/pkcs15-miocos.c
new file mode 100644
index 00000000..6bbb4163
--- /dev/null
+++ b/src/tools/pkcs15-miocos.c
@@ -0,0 +1,96 @@
+/*
+ * MioCOS specific operation for PKCS15 initialization
+ *
+ * Copyright (C) 2002 Juha Yrjölä
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#ifdef HAVE_CONFIG_H
+#include
+#endif
+#include
+#include
+#include
+#include "opensc.h"
+#include "pkcs15-init.h"
+#include "util.h"
+
+/*
+ * Initialize the Application DF and store the PINs
+ *
+ */
+static int miocos_init_app(struct sc_profile *profile, struct sc_card *card)
+{
+#if 0
+ struct pin_info *pin1, *pin2;
+ int lockit = 0;
+
+ pin1 = sc_profile_find_pin(profile, "CHV1");
+ pin2 = sc_profile_find_pin(profile, "CHV2");
+ if (pin1 == NULL) {
+ fprintf(stderr, "No CHV1 defined\n");
+ return 1;
+ }
+
+ /* XXX TODO:
+ * if the CHV2 pin file is required to create files
+ * in the application DF, create that file first */
+
+ /* Create the application DF */
+ if (do_create_file(profile, profile->df_info.file))
+ return 1;
+
+ /* Store CHV2 */
+ lockit = 0;
+ if (pin2) {
+ if (gpk_store_pin(profile, card, pin2, &lockit))
+ return 1;
+ /* If both PINs reside in the same file, don't lock
+ * it yet.
*/
+ if (pin1->file != pin2->file && lockit) {
+ if (gpk_lock_pinfile(profile, card, pin2->file->file))
+ return 1;
+ lockit = 0;
+ }
+ }
+
+ /* Store CHV1 */
+ if (gpk_store_pin(profile, card, pin1, &lockit))
+ return 1;
+
+ if (lockit && gpk_lock_pinfile(profile, card, pin2->file->file))
+ return 1;
+#endif
+ return 0;
+}
+
+/*
+ * Store a RSA key on the card
+ */
+static int miocos_store_rsa_key(struct sc_profile *profile,
+ struct sc_card *card,
+ struct prkey_info *info, RSA *rsa)
+{
+ return 0;
+}
+
+void bind_miocos_operations(struct pkcs15_init_operations *ops)
+{
+ ops->erase_card = NULL;
+ ops->init_app = miocos_init_app;
+ ops->store_rsa = miocos_store_rsa_key;
+ ops->store_dsa = NULL;
+}
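Review bot: `miocos_store_rsa_key` returns 0 without touching `card`, `info` or `rsa`, yet `bind_miocos_operations` installs it as `ops->store_rsa`, so a caller is told the private key was stored when nothing was written to the card; anything the caller records afterwards (presumably the PrKDF entry) would then describe a key that does not exist. `miocos_init_app` has the same shape: its only real body is an `#if 0` copy of the GPK routine (it calls `gpk_store_pin` and `gpk_lock_pinfile`), so the compiled path creates no application DF, stores no PINs, and still reports success. Until the MioCOS logic exists both stubs should fail explicitly — `return 1;` is the error convention the disabled code in this same file already uses — and each should carry a comment such as `/* TODO: MioCOS support not implemented; fails so the caller does not treat the card as initialized */`. The `#if 0` block is GPK code rather than a MioCOS draft, so it would be clearer to drop it or mark it as reference material in the comment.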